We are proud to announce a new major release of the SSH library. Version 0.9.0 offers a lot of new features and bug fixes. We added support for AES-GCM encryption, Encrypt-then-MAC mode, elliptic-curve certificate support, FIPS 140-2 compatibility and many more.
We also added support for server side configuration parsing. This is mostly useful for defining ciphers, mac modes and hashes. We also improved the performance and reduced the copying of data for internal data structures.
When libssh is built against a recent version of OpenSSL we will use the new APIs for KEX, DH, KDF and signatures. This is especially required for FIPS compatibility.
With this release we also disabled blowfish support by default.
As we started to use Gitlab CI for testing with libssh 0.8.0 we extended our testsuite with server tests which also revealed some bugs. We’ve added csbuild to get more static code analysis to detect issues before we commit them to the upstream repository.
Thanks to all contributors who made this release possible!
If you are new to libssh you should read our tutorial how to get started.
Please join our mailing list or visit our irc channel if you have
questions.
You can download libssh-0.9.0 here.
ChangeLog
Added support for AES-GCM
Added improved rekeying support
Added performance improvements
Disabled blowfish support by default
Fixed several ssh config parsing issues
Added support for DH Group Exchange KEX
Added support for Encrypt-then-MAC mode
Added support for parsing server side configuration file
Added support for ECDSA/Ed25519 certificates
Added FIPS 140-2 compatibility
Improved known_hosts parsing
Improved documentation
Improved OpenSSL API usage for KEX, DH, KDF and signatures
We are proud to announce a new major release of the SSH library. Version 0.9.0 offers a lot of new features and bug fixes. We added support for AES-GCM encryption, Encrypt-then-MAC mode, elliptic-curve certificate support, FIPS 140-2 compatibility and many more.
We also added support for server side configuration parsing. This is mostly useful for defining ciphers, mac modes and hashes. We also improved the performance and reduced the copying of data for internal data structures.
When libssh is built against a recent version of OpenSSL we will use the new APIs for KEX, DH, KDF and signatures. This is especially required for FIPS compatibility.
With this release we also disabled blowfish support by default.
As we started to use Gitlab CI for testing with libssh 0.8.0 we extended our testsuite with server tests which also revealed some bugs. We’ve added csbuild to get more static code analysis to detect issues before we commit them to the upstream repository.
Thanks to all contributors who made this release possible!
If you are new to libssh you should read our tutorial how to get started. Please join our mailing list or visit our irc channel if you have questions.
You can download libssh-0.9.0 here. ChangeLog
Code Stats
Between version 0.8.0 and 0.9.0 the libssh did: